AVG-146

Package webkit2gtk
Status Fixed
Severity Critical
Type multiple issues
Affected 2.14.2-2
Fixed 2.14.3-1
Current 2.20.3-1 [extra]
Ticket None
Created Wed Jan 18 09:49:34 2017
Issue Severity Remote Type Description
CVE-2016-7656 Critical Yes Arbitrary code execution
A memory corruption issue was found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content. This issue...
CVE-2016-7654 Critical Yes Arbitrary code execution
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content....
CVE-2016-7652 Critical Yes Arbitrary code execution
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content....
CVE-2016-7645 Critical Yes Arbitrary code execution
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content....
CVE-2016-7641 Critical Yes Arbitrary code execution
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content....
CVE-2016-7639 Critical Yes Arbitrary code execution
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content....
CVE-2016-7635 Critical Yes Arbitrary code execution
Multiple memory corruption issues were found in WebKitGTK+ < 2.14.3, leading to arbitrary code execution while processing maliciously crafted web content....
CVE-2016-7632 Critical Yes Arbitrary code execution
A memory corruption issue was found in WebKitGTK+ < 2.14.3, leading to denial of service or arbitrary code execution while processing maliciously crafted...
CVE-2016-7623 Medium Yes Information disclosure
An issue in the handling of blob URLs was found in WebKitGTK+ < 2.14.3, leading to potential compromise of user information while processing maliciously...
CVE-2016-7599 Medium Yes Information disclosure
An issue in the handling of HTTP redirects was found in WebKitGTK+ < 2.14.3, leading to potential disclosure of user information while processing...
CVE-2016-7592 Medium Yes Information disclosure
An issue in the handling of JavaScript prompts was found in WebKitGTK+ < 2.14.3, leading to potential compromise of user information while processing...
CVE-2016-7589 Critical Yes Arbitrary code execution
A memory corruption issue was found in WebKitGTK+ < 2.14.3, leading to potential arbitrary code execution while processing maliciously crafted web content....
CVE-2016-7586 Medium Yes Information disclosure
A validation issue was found in WebKitGTK+ < 2.14.3, leading to the potential disclosure of user information while processing maliciously crafted web...
Date Advisory Package Description
18 Jan 2017 ASA-201701-27 webkit2gtk multiple issues
References
https://webkitgtk.org/security/WSA-2017-0001.html